<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="form-action 'none'">
<script>
    if (window.testRunner) {
        testRunner.dumpAsText();
        testRunner.setPopupBlockingEnabled(false);
        testRunner.waitUntilDone();
        testRunner.clearBackForwardList();
        testRunner.dumpBackForwardList();
    }

    window.addEventListener('load', function() {
        document.getElementById('theform').addEventListener('submit', function(e) {
            console.log('submit event fired.');
        });

        setTimeout(function() {
            document.getElementById('submit').click();
        }, 0);
    });

    document.addEventListener('securitypolicyviolation', function(e) {
        console.log('securitypolicyviolation event fired.');
        console.log('securitypolicyviolation_event.documentURI=' + e.documentURI);
        console.log('securitypolicyviolation_event.blockedURI=' + e.blockedURI);
        console.log('securitypolicyviolation_event.violatedDirective=' + e.violatedDirective);
        setTimeout(function() {
            testRunner.notifyDone();
        }, 0);
    });
</script>
</head>
<body>
    <form action='/navigation/resources/form-target.pl' id='theform'
          method='post' target="_blank">
        <input type='text' name='fieldname' value='fieldvalue'>
        <input type='submit' id='submit' value='submit'>
    </form>

    <p>Tests that blocking form actions works correctly. If this test passes, you will see a console error, and will not see a page indicating a form was POSTed.</p>
</body>
</html>
